Junos and Junosphere
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
AXington
Visitor
AXington
Posts: 2
Registered: ‎04-04-2012
0

noob question: Pulling configurations in CLI

Options

‎04-04-2012 12:52 PM

I'm trying to pull the configuration of the firewall thru the CLI, I've not been able to find a command to do so. Is it actually possible?

Message 1 of 5 (326 Views)
 
Reply
Distinguished Expert
Distinguished Expert
muttbarker
Posts: 1,947
Registered: ‎01-29-2008
0

Re: noob question: Pulling configurations in CLI

[ Edited ]
Options

‎04-04-2012 01:19 PM - edited ‎04-04-2012 01:20 PM

Lots of different ways - one of the easiest is just to ftp to a server 

 

save ftp://user:smileytongue:ass@1.1.1.1.1/filename

 

(That should read user : pass - can't turn off smiley face insert)

 

You can also automate process to execute on commit - etc.... 

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Message 2 of 5 (324 Views)
 
Reply
AXington
Visitor
AXington
Posts: 2
Registered: ‎04-04-2012
0

Re: noob question: Pulling configurations in CLI

Options

‎04-05-2012 06:41 AM

Not exactly what i'm looking for, what I'm trying to do is retrieve the current configuration of the firewall that's on the box (srx210) and analyze that data for security metrics. I want to see a list of open ports, allowed protocols, etc. I'd prefer to get it as an xml document so that I can parse all that data out of it.

Message 3 of 5 (307 Views)
 
Reply
omoulton@adaptcom.c…
Visitor
omoulton@adaptcom.com
Posts: 1
Registered: ‎03-29-2011
0

Re: noob question: Pulling configurations in CLI

Options

‎04-05-2012 08:39 AM

Try show configuration | display xml. Adding | no-more will eliminuate the  ---(more)--- prompts.

Message 4 of 5 (300 Views)
 
Reply
Recognized Expert
Recognized Expert
JunOS_Fan
Posts: 241
Registered: ‎02-13-2012
0

Re: noob question: Pulling configurations in CLI

Options

‎04-06-2012 11:31 AM

Hi,

 

to see the complete configuration - "root@srx>show configuration "

 

to see list of open ports ( like netstat -a output) , you may use "show system connections" operational mode , if you need the XML output  use | display xml , as mentioned in previous reply. 

 

In SRX, if you want to see what all protocols/services are enabled for inbound traffic, you may use - "show interfaces <int-name> extensive " and look for host-inbound-traffic

Best regards
Pradeep (JNCIP-SEC,ENT,SP)
www.networker.co.in
Message 5 of 5 (269 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.